Is there a way to restrict access for some users to connections from local network through SSH, and have other users that's permitted to log on from connections over the Internet?
E.g. John's laptop only have permissions to access the server on the local network, while Lucy can access the server both on the local network and from the Internet. (Through SSH in both cases)
have a problem with my network-manager in ubuntu 10.10.when I dial one of my vpn connections, my other vpn connections be disabled and I can't use them!I tried to restart network-manager and gnome-panel, but it does't seem to solve this problem.
View 1 Replies View RelatedSamba up and running on my pc. pc runs FC12 with kde. A laptop has win vista. The pc can access the shares on the laptop but the laptop has authentication issues to access the pc. Note that windows doesnt enforce authentication forincoming network connections.Using the system-config-samba util i tried to map a windows user to the unix user "feduser". The laptop (named LAPPY) has a user (lapuser) which has on windows no password.What should I tell samba config what the windows username should be? lapuser or LAPPYlapuser doesnt work because when accessing the pc via the laptop, the authentication fails. The only auth that is successful is when choosing the same winusername as the unix username.
Secondary, id like to setup the laptop so that the user doesnt have to provide a name and password, or at least not more then once in the lifetime of the laptop. Note that you cant provide an empty password to system-config-samba. How is that possible?
Strange but not really on issue imho:the samba - KDE control module(kcmshall4) (and the smb.conf) shows 2 shares: the homedirs and the data dir the samba server configurator (system-config-samba) shows only the datadir.
i have a Domain Cotroller installed on Windows & DHCP Server installed on Ubuntu. i want to give access only authenticated Users(Active Directory Users) can get IP from DHCP. No one else canis there any option available here in DHCP ???
View 2 Replies View RelatedIs it fair to say that connLimit and hashlimit are very similiar on Linux i.e. while hashlimit caters to limits for groups of ports, they both set the connection rate limit per host? How in IPTables, do I configure a policy that limits connections on a port that encapsulates the total sum of all connections from all hosts? i.e. I do not want to allow more than 6000conn/minute for port range that is the sum of all connecting hosts?
View 3 Replies View RelatedI recently installed Fedora 15 now, and during installation I set the internet connection manually, then did update and after reboot, the internet connection settings have been removed. Now I can not set because the network connection to the Internet Connection is inactive. I mention that before the update was functional internet connection.
View 5 Replies View RelatedNeither of my wired network connections are listed in the network manager applet. I know that networking seems to be functional since I can ping local devices on the network. I can't resolve DNS names however. I suppose this is because network manager usually handles DNS? I've posted the outputs of various configurations below.
Code:
/etc/NetworkManager/nm-system-settings.cfg
# This file is installed into /etc/NetworkManager, and is loaded by
# NetworkManager by default. To override, specify: '--config file'
# during NM startup. This can be done by appending to DAEMON_OPTS in
[code]....
I'm a bit confused about how ssh encrypts connections. I've read a few articles on ssh and they talk about 'keys pairs' (that is public and private keys) on the server and client computers. However, ssh doesn't seem to use these keys for encryption. What are the keys it uses? This question occurred to me when I was trying to make a remote login to an Ubuntu machine. From a remote login perspective, I haven't generated keys on my client machine and haven't enabled key based logins in ssh. (I use the default password based login). If there aren't any keys on my client, then how does encryption work?
View 9 Replies View RelatedI just installed Fedora 14 in a hard disk of my PC. I installed MySQL also. I dontt know if this is the correct site for my question, but nobody MySQL related, have an answer yet. For MySQL accepting remote connections, my.cnf file must be edited (bind-address line or skip-networking line in that file). Well, that file in my Fedora-MySQL installation does not have such lines, so i assume, TCP/IP connections are allowed in MySQL. When i try to connect to the MySQL server it refuses the connection with the error 2003, that in short, means no TCP/IP connections are allowed. I disabled the firewall and retried but with no success, enabled the firewall again, and nothing happen. Is Fedora not accepting TCP/IP connections?
View 5 Replies View Relatedthere is a cable connection and a wireless connection. Is it possible that I use the cable and the wireless to run a segmented download on both connections? Like half goes to wireless and the other half goes to the cable? Or if not the segmented download, then at least I surf the Internet with one and download on the other?
View 1 Replies View RelatedOK, so, basically, not so long ago I had a modem + LAN cable kind of internet setup, and my friends and colleagues had no problem connecting to my Apache, ircd, etc.
But a few months ago my ISP changed it's policy, and now I have a single cable, plugged directly into the 'eth0' port, which connects to WAN (static IP) and, through PPPoE, to the net (dynamic IP). (Sorry, my knowledge in networking is close to nonexistent)
So, now there is a problem. My friends CAN still connect to my FTP and httpd on Windows XP, through both the external, dynamic IP, as well as the static WAN IP, but my Slackware (WAN IP is set up with DHCP, PPPoE - through pppoe-setup, with firewall at '0') is refusing access. No sings of connection is shown in the /var/log/access_log.
Also, VoiceChatter server DOES log the connection attempt, but it refuses connection, sending a 'Auth challenge', and then cutting connection. (The 'challenge' bit was never there before the new net setup)
All connections are done through WAN static IP (though test with netwide dynamic IP yield the same results =)
I run Slackware 13.1, didn't touch the firewall settings at all, and, as mentioned, pppoe firewall is set to '0' value.
once I updated , there will be no connections to Internet in GUI , while it's available in TUI . So it's wired , huh ? Before upating, it's available both in TUI and GUI, though all the time the network-manager shows no connection , in fact , there is and both GUI and CUI . Now I updated , and it can't access Internet from GUI.
View 2 Replies View RelatedLatest kernel update since Fedora 2.6.33 are mapping all my NFS "shares" twice (two sets of icons, etc.). All work, but why is this happening - was fine previously.
View 2 Replies View RelatedWhen I click on the network manager icon next to the date in the upper right corner of my screen, my network connections do not show up. I have added two DSL connections on my laptop (username & password) but it doesn't show up. Everyday I need to use
Code:
sudo pppoeconf
if I wish to connect to the internet.
Both these connections are added in the same way on my Desktop Computer and it shows up on the network manager. One of them is even the default which connects automatically on startup.
Because it's not working I assume network manager is not compatible with my laptop. Are there patches to install or other programs that can easily manage my internet connection?
I'm using Ubuntu 9.10 on a not-so-new laptop.
I have recently installed lucid 10.04, and I am having difficulty accessing my wireless. Following instructions to install the drivers for my wireless card, I always run into a problem when I need to configure my card. When I go to system-administration-network, there is no connections tab listed. I can only access General, DNS and hosts.
View 6 Replies View RelatedDid ragemaw ever get that missing connections tab? Mine is missing too and furthermore wireshark cannot set up on any interfaces, because it cannot find them.
View 1 Replies View RelatedSo I'm going to try out opendns as an internet filter. But I'm not doing it on a network/router, just on my local machine. Using ubuntu, I read that I need to select each connection and change the dns settings.Is there a way to generically add the dns settings so that if I connect to a new network I don't have to manually update it's settings?
View 1 Replies View RelatedI've got a Ubuntu Server Linux router that I've got 2 internet connections hooked to. One of them is DSL and the other is cable.
What I'd like to do is have everything go through the DSL connection EXCEPT for one desktop, I'd like that system to go through cable for everything.
Here's a diagram of how I've got things set up.
[URL]
I don't have any more expansion slots on the mainboard of my server for another NIC, also I do a lot of file transferring between a laptop and the desktop I want on the cable connection so I don't want that slowing down the rest of my network.
I've got both providers set up in the providers file and I've got everything going through the DSL connection right now. So far everything I've tried has stopped the desktop from connecting out at all.
I would like to know if a rule has been applied to the iptables.active file to accept direct connections on port 22 through an IP address, can I also add a mac address/addresses to the rules such that if I am not on the network with the accepting IP address, that my MAC address will still get me in?
View 4 Replies View Relatedis possible to use linux (especially slackware) to bond 2 (ethernet modems) adsl connections. For example if i have 2 connection of 24mbs download and 512 upload i will create achieve 48 mgps dowload and 1 mgps upload . something like that
adsl1 modem <------ eth1--- (slackbox router) --- eth0---> my server
adsl2 modem <------ eth2----
One of our RHEL 5.3 servers has trouble about 30% of the time with TCP-based communications, but it does not seem to be firewall issues. From another computer on the same switch, you can SSH to the server sometimes and other times the SSH command will just hang. When it hangs, you can often just Ctrl+C and try it again and it works. Same with HTTP connections. You'll get part of a web page and then FireFox will just hang waiting for the rest and eventually time out. Same goes for communication initiated FROM the server. SSH'ing from the server to any outside server or connecting to any web site works sometimes, but most times not. iptables if off. No other firewalls are running. Tcpdump shows communication gets so far and then stops. It does not matter whether tou run tcpdump on that server or the client connecting to it. Either way you see the connection stops working. MEANWHILE, pinging with small or large packets works flawlessly. 10,000 packets, zero drops.
View 5 Replies View RelatedWe are having an issue with our application where once we start making a few hundred connections to our Linux server, our connections are staying in the established state. When our app is working fine, the client sends a basically a heartbeat every five minutes. It is all nice and clean, receives the FIN and shuts down and that's that. tcpdump as follows:
Code:
12:53:10.965206 IP serverA.xxx.xxx.com.40315 > serverB.xxx.xxx.com.1234: . ack 2 win 46 <nop,nop,timestamp 3299017001 2043788445>
12:58:10.892878 IP serverA.xxx.xxx.com.40322 > serverB.xxx.xxx.com.1234: S 494392992:494392992(0) win 5840 <mss 1460,sackOK,timestamp 3299316941 0,nop,wscale 7>
12:58:10.894882 IP serverA.xxx.xxx.com.40322 > serverB.xxx.xxx.com.1234: . ack 3318963465 win 46 <nop,nop,timestamp 3299316941 2044088355>
12:58:10.894886 IP serverA.xxx.xxx.com.40322 > serverB.xxx.xxx.com.1234: P 0:78(78) ack 1 win 46 <nop,nop,timestamp 3299316941 2044088355> .....
Then things start getting busy, and it ends up looking like this:
Code:
01:28:10.493760 IP serverA.xxx.xxx.com.41132 > serverB.xxx.xxx.com.1234: S 774853781:774853781(0) win 5840 <mss 1460,sackOK,timestamp 3344315513 0,nop,wscale 7>
01:28:13.491231 IP serverA.xxx.xxx.com.41132 > serverB.xxx.xxx.com.1234: S 774853781:774853781(0) win 5840 <mss 1460,sackOK,timestamp 3344318513 0,nop,wscale 7>
01:28:13.491755 IP serverA.xxx.xxx.com.41132 > serverB.xxx.xxx.com.1234: . ack 3597595480 win 46 <nop,nop,timestamp 3344318513 2089089105> ....
What could be the cause if the fin was received at 01:28:13.492743, but hours later this connection is still established:
gateway 16514 root 111u IPv4 2714750 TCP
serverB.xxx.xxx.com:1234->serverA.xxx.xxx.com:41132 (Established)
There is no corresponding connection in the client's netstat.
I'm not sure if this is a Linux standard, but I've always understood that Linux restricts usage of ports below 1025 to root-user only. My question is why was this method developed?My theory is that it's to reduce the possibilty users who may not be as knowledgable with Linux from getting hacked. This is probably wrong though as ports 1025-66535 are available to any program as any user.
View 1 Replies View RelatedIs there a way to log specific type of network connection with timestamp? I mean, if someone sends a mail through mail server, is there a way the server logs that connection with timestamp?
Example:
2010-03-17 14:10:12 <server>:25 <client1>:<port1>
2010-03-17 14:10:26 <server>:25 <client2>:<port2>
2010-03-17 14:13:09 <server>:25 <client3>:<port3>
2010-03-17 14:15:43 <server>:25 <client4>:<port4>
...
...
...
I'd like to configure IPtables to make sure I can only access the internet through an openvpn connection (so when the connection is down I have no way to access the internet but to connect to the vpn again).
I know how to do this with Firestarter (restrictive outgoing policy and I only allow the vpn server IPs) but Firestarter seems to be stupid : for some reason eth0 was changed to eth1 and Firestarter can't work properly anymore, even though that probably can be fixed with Firestarter I'm no more interested in this program and I'd better like to know how to apply the same policy using IPtables.
I've tried a few things already but it failed each time ... how can I effectively allow my computer to connect to the VPN while everything else is blocked ?
How do I find the maximum number of concurrent connections (in any state)? I'm running RHEL5 2.6.18-194.26.1.el5. Also, does tcp auto tune affect the number of concurrent connections or is it mostly used for dynamic buffer size allocation?
View 3 Replies View RelatedI explain my problem:
- Server with Slackware 10.1.0 no have tcp connection to the port 2049. And I need that this server have tcp connections.
- The rpcinfo out is.
- The kernel version for this server is linux-2.4.29.
- The file /etc/rpc contain is:
- And the file /etc/service contain about nfs is:
I have a netbook (toy) running Ubuntu 9.04. It has a wired Ethernet NIC and a wireless NIC. They both work fine but I have a question about how to integrate the netbook into my network.
Here is my network design:
Each computer has the reserved IP address devices listed in its host file.
So now comes the netbook, taylor13. For the moment I have hard coded IP addresses on the netbook as follows:
I have added to each host file:
I can now connect to the netbook with the desired interface so I guess all is well. However, this seems a little like a jury rig approach.
Is there a better way? Perhaps a configuration where I could request a connection to "taylor13" and the "system" would figure out what if any paths were available to the device and make the connection?
My router flippeth me the bird if I try to assign the same name to two IP addresses or the same IP address to two device names.
I also realized as I write this that I have a chance of stepping on 192.168.0.113 if I do not reserver it in DHCP.
I installed linux 2010 mandriva on a (embeded) system,and i run several server programs on it that accept connections from clients. clients are connected to server(s) and every things is ok, but when i go to home and back to my work tomorrow, i see no data can be sent to server programs and this problem exists until i restart the server programs or reconnect tcp client programs. this problem occurs even when both client and server programs executed on the same (embeded) system.why this happens? i checked by netstat and see that server ports exists in the list(and not closed by kernel) but it seems kernel or an application above it prohibit data transmission.i changed the OS and installed ubuntu but the problem exists.
View 5 Replies View RelatedI'm having trouble running 2 network connections on an Ubuntu 10.10 machine. My wireless connection provides my internet access and is assigned the ip 192.168.1.7 My ethernet connection provides access to a separate network containing a nas box/server. The ip address for this is 192.168.5.100 When I am only connected to the wireless network, the internet works fine. However, once I connect to the ethernet network, I lose internet access via browsers and email client I cannot ping external web servers. It doesn't appear to be an ip address conflict so I'm at a loss as to what is causing my internet connection to drop.
View 8 Replies View Related